STIGQter: STIG Summary: BIND 9.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The BIND 9.x server implementation must be configured with a channel to send audit records to a local file.

DISA Rule

SV-207547r612253_rule

Vulnerability Number

V-207547

Group Title

SRG-APP-000125-DNS-000012

Rule Version

BIND-9X-001041

Severity

CAT III

CCI(s)

• CCI-001348 - The information system backs up audit records on an organization-defined frequency onto a different system or system component than the system or component being audited.

Weight

10

Fix Recommendation

Edit the "named.conf" file and add the following:

logging {
channel local_file_channel {
file "path_name" versions 3;
print-time yes;
print-severity yes;
print-category yes;
};
category category_name { local_file_channel; };
};

Restart the BIND 9.x process.

Check Contents

Verify that the BIND 9.x server is configured to send audit logs to a local log file.

Inspect the "named.conf" file for the following:

logging {
channel local_file_channel {
file "path_name" versions 3;
print-time yes;
print-severity yes;
print-category yes;
};

category category_name { local_file_channel; };

If a logging channel is not defined for a local file, this is a finding.

If a category is not defined to send messages to the local file channel, this is a finding.

Vulnerability Number

V-207547

Documentable

False

Rule Version

BIND-9X-001041

Severity Override Guidance

Verify that the BIND 9.x server is configured to send audit logs to a local log file.

Inspect the "named.conf" file for the following:

logging {
channel local_file_channel {
file "path_name" versions 3;
print-time yes;
print-severity yes;
print-category yes;
};

category category_name { local_file_channel; };

If a logging channel is not defined for a local file, this is a finding.

If a category is not defined to send messages to the local file channel, this is a finding.

Check Content Reference

M

Target Key

2926

Comments